1<html lang="en"> 2<head> 3<title>NTP Symmetric Key</title> 4<meta http-equiv="Content-Type" content="text/html"> 5<meta name="description" content="NTP Symmetric Key"> 6<meta name="generator" content="makeinfo 4.7"> 7<link title="Top" rel="top" href="#Top"> 8<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage"> 9<meta http-equiv="Content-Style-Type" content="text/css"> 10<style type="text/css"><!-- 11 pre.display { font-family:inherit } 12 pre.format { font-family:inherit } 13 pre.smalldisplay { font-family:inherit; font-size:smaller } 14 pre.smallformat { font-family:inherit; font-size:smaller } 15 pre.smallexample { font-size:smaller } 16 pre.smalllisp { font-size:smaller } 17 span.sc { font-variant:small-caps } 18 span.roman { font-family: serif; font-weight: normal; } 19--></style> 20</head> 21<body> 22<h1 class="settitle">NTP Symmetric Key</h1> 23<div class="node"> 24<p><hr> 25<a name="Top"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-Description">ntp.keys Description</a>, 26Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>, 27Up: <a rel="up" accesskey="u" href="#dir">(dir)</a> 28<br> 29</div> 30 31<h2 class="unnumbered">NTP's Symmetric Key File User Manual</h2> 32 33<p>This document describes the symmetric key file for the NTP Project's 34<code>ntpd</code> program. 35 36 <p>This document applies to version 4.2.8p7 of <code>ntp.keys</code>. 37 38 <div class="shortcontents"> 39<h2>Short Contents</h2> 40<ul> 41<a href="#Top">NTP's Symmetric Key File User Manual</a> 42</ul> 43</div> 44 45<ul class="menu"> 46<li><a accesskey="1" href="#ntp_002ekeys-Description">ntp.keys Description</a> 47<li><a accesskey="2" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 48</ul> 49 50<div class="node"> 51<p><hr> 52<a name="ntp_002ekeys-Description"></a>Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>, 53Up: <a rel="up" accesskey="u" href="#Top">Top</a> 54<br> 55</div> 56 57<!-- node-name, next, previous, up --> 58<h3 class="section">Description</h3> 59 60<p>The name and location of the symmetric key file for <code>ntpd</code> can 61be specified in a configuration file, by default <code>/etc/ntp.keys</code>. 62 63<div class="node"> 64<p><hr> 65<a name="ntp_002ekeys-Notes"></a> 66<br> 67</div> 68 69<h3 class="section">Notes about ntp.keys</h3> 70 71<p><a name="index-ntp_002ekeys-1"></a><a name="index-NTP-symmetric-key-file-format-2"></a> 72 73 <p>This document describes the format of an NTP symmetric key file. 74For a description of the use of this type of file, see the 75"Authentication Support" 76section of the 77<code>ntp.conf(5)</code> 78page. 79 80 <p><code>ntpd(8)</code> 81reads its keys from a file specified using the 82<code>-k</code> 83command line option or the 84<code>keys</code> 85statement in the configuration file. 86While key number 0 is fixed by the NTP standard 87(as 56 zero bits) 88and may not be changed, 89one or more keys numbered between 1 and 65534 90may be arbitrarily set in the keys file. 91 92 <p>The key file uses the same comment conventions 93as the configuration file. 94Key entries use a fixed format of the form 95 96<pre class="example"> <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> 97</pre> 98 <p>where 99<kbd>keyno</kbd> 100is a positive integer (between 1 and 65534), 101<kbd>type</kbd> 102is the message digest algorithm, 103and 104<kbd>key</kbd> 105is the key itself, and 106<kbd>opt_IP_list</kbd> 107is an optional comma-separated list of IPs 108that are allowed to serve time. 109If 110<kbd>opt_IP_list</kbd> 111is empty, 112any properly-authenticated server message will be 113accepted. 114 115 <p>The 116<kbd>key</kbd> 117may be given in a format 118controlled by the 119<kbd>type</kbd> 120field. 121The 122<kbd>type</kbd> 123<code>MD5</code> 124is always supported. 125If 126<code>ntpd</code> 127was built with the OpenSSL library 128then any digest library supported by that library may be specified. 129However, if compliance with FIPS 140-2 is required the 130<kbd>type</kbd> 131must be either 132<code>SHA</code> 133or 134<code>SHA1</code>. 135 136 <p>What follows are some key types, and corresponding formats: 137 138 <dl> 139<dt><code>MD5</code><dd>The key is 1 to 16 printable characters terminated by 140an EOL, 141whitespace, 142or 143a 144<code>#</code> 145(which is the "start of comment" character). 146 147 <br><dt><code>SHA</code><br><dt><code>SHA1</code><br><dt><code>RMD160</code><dd>The key is a hex-encoded ASCII string of 40 characters, 148which is truncated as necessary. 149</dl> 150 151 <p>Note that the keys used by the 152<code>ntpq(8)</code> 153and 154<code>ntpdc(8)</code> 155programs are checked against passwords 156requested by the programs and entered by hand, 157so it is generally appropriate to specify these keys in ASCII format. 158 159 <p>This section was generated by <strong>AutoGen</strong>, 160using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. 161This software is released under the NTP license, <http://ntp.org/license>. 162 163<ul class="menu"> 164<li><a accesskey="1" href="#ntp_002ekeys-Files">ntp.keys Files</a>: Files 165<li><a accesskey="2" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>: See Also 166<li><a accesskey="3" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>: Notes 167</ul> 168 169<div class="node"> 170<p><hr> 171<a name="ntp_002ekeys-Files"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>, 172Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 173<br> 174</div> 175 176<h4 class="subsection">ntp.keys Files</h4> 177 178 <dl> 179<dt><span class="file">/etc/ntp.keys</span><dd>the default name of the configuration file 180</dl> 181<div class="node"> 182<p><hr> 183<a name="ntp_002ekeys-See-Also"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>, 184Previous: <a rel="previous" accesskey="p" href="#ntp_002ekeys-Files">ntp.keys Files</a>, 185Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 186<br> 187</div> 188 189<h4 class="subsection">ntp.keys See Also</h4> 190 191<p><code>ntp.conf(5)</code>, 192<code>ntpd(1ntpdmdoc)</code>, 193<code>ntpdate(1ntpdatemdoc)</code>, 194<code>ntpdc(1ntpdcmdoc)</code>, 195<code>sntp(1sntpmdoc)</code> 196<div class="node"> 197<p><hr> 198<a name="ntp_002ekeys-Notes"></a>Previous: <a rel="previous" accesskey="p" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>, 199Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 200<br> 201</div> 202 203<h4 class="subsection">ntp.keys Notes</h4> 204 205<p>This document was derived from FreeBSD. 206 207</body></html> 208 209